package com.etc.service.impl;


import com.etc.controller.loginController;
import com.etc.entity.Permission;
import com.etc.entity.User;
import com.etc.service.ShiorService;

import org.apache.shiro.authc.*;
import org.apache.shiro.authz.AuthorizationInfo;
import org.apache.shiro.authz.SimpleAuthorizationInfo;
import org.apache.shiro.crypto.hash.Md5Hash;
import org.apache.shiro.realm.AuthorizingRealm;
import org.apache.shiro.subject.PrincipalCollection;
import org.apache.shiro.util.ByteSource;
import org.springframework.beans.factory.annotation.Autowired;
import org.apache.log4j.Logger;
import java.util.HashSet;
import java.util.List;
import java.util.Set;


public class MyShiroReaml extends AuthorizingRealm {
    Logger logger=Logger.getLogger(MyShiroReaml.class);
    @Autowired
    private ShiorService shiorService;
    private String salt="abc";



    protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection pc) {
        User user=(User)pc.getPrimaryPrincipal();
        SimpleAuthorizationInfo info = new SimpleAuthorizationInfo();
        System.out.println("进入权限获取");
        Set<String> roles=new HashSet<String>();
        //获取permission
        if(user!=null) {
            String role = shiorService.FindRole(user.getUsername());
            System.out.println("角色"+role);
            roles.add(role);
            info.setRoles(roles);
            System.out.println(user.getUsername());
            List<Permission> permissionList = shiorService.FindPermission(user.getUsername()) ;
            System.out.println(permissionList);
            if (permissionList.size()!=0) {
                for (Permission p: permissionList) {
                    System.out.println("获取权限"+p.getUrl());
                    info.addStringPermission(p.getUrl());
                }
                System.out.println("info的角色"+info.getRoles());
                System.out.println("info的权限"+info.getStringPermissions());
                return info;
            }
        }
        return null;
    }

    // 认证方法
    protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken authenticationToken) throws AuthenticationException {
        System.out.println("进来验证了");
//        //验证账号密码
//        UsernamePasswordToken token = (UsernamePasswordToken) authenticationToken;
//        //获取密码的格式
//        String password=new String(token.getPassword());
//        //加密工具类加密
//        password=Md55.MD5(password);
//        System.out.println("加密后"+password);
//        User user = shiorService.FindByusername(token.getUsername());
//        //从数据库获取密码
//        System.out.println("数据库密码"+user.getPassword());
//        System.out.println("密码比较"+user.getPassword().equals(password));
//        System.out.println("密码比较"+user.getPassword().equals(new String(password)));
//        System.out.println("登录信息"+user);
//        if(user==null||!user.getPassword().equals(password)){
//            System.out.println("用户不存在");
//            return null;
//        }
        //最后的比对需要交给安全管理器
        //三个参数进行初步的简单认证信息对象的包装

         //获取前端的输入账号密码
        String username = (String) authenticationToken.getPrincipal();
        String password = new String((char[]) authenticationToken.getCredentials()); AuthenticationInfo info=null;
        logger.info(password+"无登录状态的密码");
        User user = shiorService.FindByusername(username);
        logger.info(new Md5Hash(password, salt).toHex());
        //手机登录时进入
        if(password.length()>8){
            logger.info("进入密码大于8 ");
            try{
            info = new SimpleAuthenticationInfo(user,password, getName());}
            catch (Exception e){
                logger.info("info验证错误");
            }
            logger.info("验证无误");
            return info;
        }
       //比较密码需要转为Hash值
        if(user==null||!user.getPassword().equals(new Md5Hash(password, salt).toHex())){
            logger.info("用户不存在或者用户密码错误");
            return null;
        }

//        //铭文转为hash值 new Md5Hash(password, salt).toHex()
//        String md5Pwd = new Md5Hash(password, salt).toHex();
        try {
             info = new SimpleAuthenticationInfo(user,password, getName());
        }catch (Exception e){
          logger.info("密码正确，info验证错误");
        e.printStackTrace();
      }
        //四个参数对象，密码，加密盐值，getName
//        AuthenticationInfo info = new SimpleAuthenticationInfo(user,user.getPassword(), ByteSource.Util.bytes(user),getName());
        return info;
       }



}
